OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions

A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...

openssh security update

8.7p1-49.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37814929 - upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand Orabug: 37647064 - Update upstream references Orabug: 36564626 8.7p1-49 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in...

openssh security update

9.9p1-14.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37824421 9.9p1-14 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164738 - CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode multiplexing...

EUVD-2026-18404

OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions...

CVE-2026-35388

OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions...

CVE-2026-35388

OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions...

PT-2026-29835

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 10.3 Description OpenSSH versions before 10.3 do not confirm connection multiplexing in proxy-mode multiplexing sessions. Recommendations Update to version 10.3 or later...